//package com.wjk.kylin.mall.auth.security;
//
//import cn.hutool.json.JSONUtil;
//import com.nimbusds.jose.*;
//import com.nimbusds.jose.crypto.RSASSASigner;
//import com.nimbusds.jose.crypto.RSASSAVerifier;
//import com.nimbusds.jose.jwk.RSAKey;
//import com.wjk.kylin.mall.auth.model.dto.PayloadDTO;
//import com.wjk.kylin.mall.common.core.exception.BaseException;
//import org.springframework.stereotype.Service;
//
//import java.text.ParseException;
//import java.util.Date;
//
//@Service
//public class JwtTokenServiceImpl implements JwtTokenService {
////    @Override
////    public String generateTokenByHMAC(String payloadStr, String secret) throws JOSEException {
////        //创建JWS头，设置签名算法和类型
////        JWSHeader jwsHeader = new JWSHeader.Builder(JWSAlgorithm.HS256).
////                type(JOSEObjectType.JWT)
////                .build();
////        //将负载信息封装到Payload中
////        Payload payload = new Payload(payloadStr);
////        //创建JWS对象
////        JWSObject jwsObject = new JWSObject(jwsHeader, payload);
////        //创建HMAC签名器
////        JWSSigner jwsSigner = new MACSigner(secret);
////        //签名
////        jwsObject.sign(jwsSigner);
////        return jwsObject.serialize();
////    }
////
////    @Override
////    public PayloadDTO verifyTokenByHMAC(String token, String secret) throws ParseException, JOSEException {
////        //从token中解析JWS对象
////        JWSObject jwsObject = JWSObject.parse(token);
////        //创建HMAC验证器
////        JWSVerifier jwsVerifier = new MACVerifier(secret);
////        if (!jwsObject.verify(jwsVerifier)) {
////            throw new BaseException("token签名不合法！");
////        }
////        String payload = jwsObject.getPayload().toString();
////        PayloadDTO payloadDto = JSONUtil.toBean(payload, PayloadDTO.class);
////        if (payloadDto.getExp() < new Date().getTime()) {
////            throw new BaseException("token已过期！");
////        }
////
////        return payloadDto;
////    }
//
//    @Override
//    public String generateTokenByRSA(String payloadStr, RSAKey rsaKey) throws JOSEException {
//        //创建JWS头，设置签名算法和类型
//        JWSHeader jwsHeader = new JWSHeader.Builder(JWSAlgorithm.RS256)
//                .type(JOSEObjectType.JWT)
//                .build();
//        //将负载信息封装到Payload中
//        Payload payload = new Payload(payloadStr);
//        //创建JWS对象
//        JWSObject jwsObject = new JWSObject(jwsHeader, payload);
//        //创建RSA签名器
//        JWSSigner jwsSigner = new RSASSASigner(rsaKey, true);
//        //签名
//        jwsObject.sign(jwsSigner);
//        return jwsObject.serialize();
//    }
//
//    @Override
//    public PayloadDTO verifyTokenByRSA(String token, RSAKey rsaKey) throws ParseException, JOSEException {
//        //从token中解析JWS对象
//        JWSObject jwsObject = JWSObject.parse(token);
//        RSAKey publicRsaKey = rsaKey.toPublicJWK();
//        //使用RSA公钥创建RSA验证器
//        JWSVerifier jwsVerifier = new RSASSAVerifier(publicRsaKey);
//        if (!jwsObject.verify(jwsVerifier)) {
//            throw new BaseException("token签名不合法！");
//        }
//        String payload = jwsObject.getPayload().toString();
//        PayloadDTO payloadDto = JSONUtil.toBean(payload, PayloadDTO.class);
//        if (payloadDto.getExp() < new Date().getTime()) {
//            throw new BaseException("token已过期！");
//        }
//
//        return payloadDto;
//    }
//}
